First cut of log on page (#9)

- Add session support
- Refactor security handling to use db connection
- Fix db path issue
2024-04-15 23:25:58 -04:00
parent 4d736b8f77
commit cab26db255
12 changed files with 185 additions and 101 deletions


@@ -8,9 +8,8 @@
include '../start.php';
Security::verifyUser();
$db = Data::getConnection();
Security::verifyUser($db);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// "Keep as New" button sends a POST request to reset the is_read flag before going back to the list of unread items
@@ -20,7 +19,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
WHERE item.id = :id AND feed.user_id = :user
SQL);
$isValidQuery->bindValue(':id', $_POST['id']);
$isValidQuery->bindValue(':user', $_REQUEST[Key::USER_ID]);
$isValidQuery->bindValue(':user', $_SESSION[Key::USER_ID]);
$isValidResult = $isValidQuery->execute();
if ($isValidResult && $isValidResult->fetchArray(SQLITE3_NUM)[0] == 1) {
$keepUnread = $db->prepare('UPDATE item SET is_read = 0 WHERE id = :id');
@@ -39,7 +38,7 @@ $query = $db->prepare(<<<'SQL'
AND feed.user_id = :user
SQL);
$query->bindValue(':id', $_GET['id']);
$query->bindValue(':user', $_REQUEST[Key::USER_ID]);
$query->bindValue(':user', $_SESSION[Key::USER_ID]);
$result = $query->execute();
$item = $result ? $result->fetchArray(SQLITE3_ASSOC) : false;
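Review bot: The POST branch (`if ($_SERVER['REQUEST_METHOD'] == 'POST')`) changes `is_read` on behalf of the user in `$_SESSION[Key::USER_ID]`, but no anti-CSRF token check is visible in the lines shown, so the request is authorised by the session cookie alone. Unless `start.php` or `Security::verifyUser($db)` already covers this (or the session cookie is set with a strict SameSite policy), compare a per-session token before the ownership query, e.g. `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { http_response_code(403); exit; }`, where `csrf_token` is a placeholder name and not taken from this project. Separately, `$_POST['id']` and `$_GET['id']` are bound with no presence check, so a request without `id` binds null and emits an undefined-index warning; an early `isset()` guard would make that path explicit. The `if` block and the item query both continue outside the hunks shown, so this is based only on the visible lines.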